isabelle: src/Doc/Tutorial/Protocol/Message.thy@c007e6d9941d (annotated)

49322 fbb320d02420 tuned headers; wenzelm parents: 48985 diff changeset	1	(* Author: Lawrence C Paulson, Cambridge University Computer Laboratory
11250 c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	2	Copyright 1996 University of Cambridge
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	3
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	4	Datatypes of agents and messages;
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	5	Inductive relations "parts", "analz" and "synth"
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	6	)(<*)
11250 c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	7
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	8	section\<open>Theory of Agents and Messages for Security Protocols\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	9
72991 d0a0b74f0ad7 avoid multiple uses of the same ML file; wenzelm parents: 69605 diff changeset	10	theory Message imports "../Setup" begin
11250 c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	11
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	12	(Needed occasionally with spy_analz_tac, e.g. in analz_insert_Key_newK)
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	13	lemma [simp] : "A \<union> (B \<union> A) = B \<union> A"
11250 c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	14	by blast
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	15	(>)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	16
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	17	section\<open>Agents and Messages\<close>
11250 c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	18
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	19	text \<open>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	20	All protocol specifications refer to a syntactic theory of messages.
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	21	Datatype
69505 cc2d676d5395 isabelle update_cartouches -t; wenzelm parents: 68237 diff changeset	22	\<open>agent\<close> introduces the constant \<open>Server\<close> (a trusted central
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	23	machine, needed for some protocols), an infinite population of
69505 cc2d676d5395 isabelle update_cartouches -t; wenzelm parents: 68237 diff changeset	24	friendly agents, and the~\<open>Spy\<close>:
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	25	\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	26
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	27	datatype agent = Server \| Friend nat \| Spy
11250 c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	28
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	29	text \<open>
69505 cc2d676d5395 isabelle update_cartouches -t; wenzelm parents: 68237 diff changeset	30	Keys are just natural numbers. Function \<open>invKey\<close> maps a public key to
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	31	the matching private key, and vice versa:
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	32	\<close>
11250 c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	33
42765 aec61b60ff7b modernized specifications; wenzelm parents: 42475 diff changeset	34	type_synonym key = nat
25341 ca3761e38a87 fix nipkow parents: 23929 diff changeset	35	consts invKey :: "key \<Rightarrow> key"
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	36	(<)
67443 3abf6a722518 standardized towards new-style formal comments: isabelle update_comments; wenzelm parents: 67406 diff changeset	37	consts all_symmetric :: bool \<comment> \<open>true if all keys are symmetric\<close>
11250 c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	38
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	39	specification (invKey)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	40	invKey [simp]: "invKey (invKey K) = K"
67613 ce654b0e6d69 more symbols; wenzelm parents: 67443 diff changeset	41	invKey_symmetric: "all_symmetric \<longrightarrow> invKey = id"
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	42	by (rule exI [of _ id], auto)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	43
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	44
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	45	text\<open>The inverse of a symmetric key is itself; that of a public key
23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	46	is the private key and vice versa\<close>
11250 c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	47
35416 d8d7d1b785af replaced a couple of constsdefs by definitions (also some old primrecs by modern ones) haftmann parents: 35109 diff changeset	48	definition symKeys :: "key set" where
11250 c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	49	"symKeys == {K. invKey K = K}"
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	50	(>)
11250 c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	51
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	52	text \<open>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	53	Datatype
69505 cc2d676d5395 isabelle update_cartouches -t; wenzelm parents: 68237 diff changeset	54	\<open>msg\<close> introduces the message forms, which include agent names, nonces,
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	55	keys, compound messages, and encryptions.
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	56	\<close>
11250 c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	57
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	58	datatype
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	59	msg = Agent agent
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	60	\| Nonce nat
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	61	\| Key key
32960 69916a850301 eliminated hard tabulators, guessing at each author's individual tab-width; wenzelm parents: 32265 diff changeset	62	\| MPair msg msg
69916a850301 eliminated hard tabulators, guessing at each author's individual tab-width; wenzelm parents: 32265 diff changeset	63	\| Crypt key msg
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	64
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	65	text \<open>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	66	\noindent
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	67	The notation $\comp{X\sb 1,\ldots X\sb{n-1},X\sb n}$
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	68	abbreviates
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	69	$\isa{MPair}\,X\sb 1\,\ldots\allowbreak(\isa{MPair}\,X\sb{n-1}\,X\sb n)$.
11250 c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	70
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	71	Since datatype constructors are injective, we have the theorem
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	72	@{thm [display,indent=0] msg.inject(5) [THEN iffD1, of K X K' X']}
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	73	A ciphertext can be decrypted using only one key and
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	74	can yield only one plaintext. In the real world, decryption with the
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	75	wrong key succeeds but yields garbage. Our model of encryption is
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	76	realistic if encryption adds some redundancy to the plaintext, such as a
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	77	checksum, so that garbage can be detected.
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	78	\<close>
11250 c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	79
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	80	(<)
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	81	text\<open>Concrete syntax: messages appear as \<open>\<lbrace>A,B,NA\<rbrace>\<close>, etc...\<close>
11250 c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	82	syntax
81019 dd59daa3c37a clarified inner-syntax markup, notably for enumerations: prefer "notation=mixfix" over "entity" via 'syntax_consts' (see also 70076ba563d2); wenzelm parents: 80983 diff changeset	83	"_MTuple" :: "['a, args] \<Rightarrow> 'a * 'b" ("(\<open>indent=2 notation=\<open>mixfix message tuple\<close>\<close>\<lbrace>_,/ _\<rbrace>)")
11250 c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	84	translations
80786 70076ba563d2 more specific "args" syntax, to support more markup for syntax consts; wenzelm parents: 80768 diff changeset	85	"\<lbrace>x, y, z\<rbrace>" \<rightleftharpoons> "\<lbrace>x, \<lbrace>y, z\<rbrace>\<rbrace>"
70076ba563d2 more specific "args" syntax, to support more markup for syntax consts; wenzelm parents: 80768 diff changeset	86	"\<lbrace>x, y\<rbrace>" \<rightleftharpoons> "CONST MPair x y"
11250 c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	87
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	88
67613 ce654b0e6d69 more symbols; wenzelm parents: 67443 diff changeset	89	definition keysFor :: "msg set \<Rightarrow> key set" where
67443 3abf6a722518 standardized towards new-style formal comments: isabelle update_comments; wenzelm parents: 67406 diff changeset	90	\<comment> \<open>Keys useful to decrypt elements of a message set\<close>
11250 c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	91	"keysFor H == invKey ` {K. \<exists>X. Crypt K X \<in> H}"
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	92
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	93
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	94	subsubsection\<open>Inductive Definition of All Parts" of a Message\<close>
11250 c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	95
23733 3f8ad7418e55 Adapted to new inductive definition package. berghofe parents: 16417 diff changeset	96	inductive_set
67613 ce654b0e6d69 more symbols; wenzelm parents: 67443 diff changeset	97	parts :: "msg set \<Rightarrow> msg set"
23733 3f8ad7418e55 Adapted to new inductive definition package. berghofe parents: 16417 diff changeset	98	for H :: "msg set"
3f8ad7418e55 Adapted to new inductive definition package. berghofe parents: 16417 diff changeset	99	where
67613 ce654b0e6d69 more symbols; wenzelm parents: 67443 diff changeset	100	Inj [intro]: "X \<in> H \<Longrightarrow> X \<in> parts H"
ce654b0e6d69 more symbols; wenzelm parents: 67443 diff changeset	101	\| Fst: "\<lbrace>X,Y\<rbrace> \<in> parts H \<Longrightarrow> X \<in> parts H"
ce654b0e6d69 more symbols; wenzelm parents: 67443 diff changeset	102	\| Snd: "\<lbrace>X,Y\<rbrace> \<in> parts H \<Longrightarrow> Y \<in> parts H"
ce654b0e6d69 more symbols; wenzelm parents: 67443 diff changeset	103	\| Body: "Crypt K X \<in> parts H \<Longrightarrow> X \<in> parts H"
11250 c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	104
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	105
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	106	text\<open>Monotonicity\<close>
67613 ce654b0e6d69 more symbols; wenzelm parents: 67443 diff changeset	107	lemma parts_mono: "G \<subseteq> H \<Longrightarrow> parts(G) \<subseteq> parts(H)"
11250 c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	108	apply auto
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	109	apply (erule parts.induct)
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	110	apply (blast dest: parts.Fst parts.Snd parts.Body)+
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	111	done
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	112
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	113
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	114	text\<open>Equations hold because constructors are injective.\<close>
67613 ce654b0e6d69 more symbols; wenzelm parents: 67443 diff changeset	115	lemma Friend_image_eq [simp]: "(Friend x \<in> Friend`A) = (x\<in>A)"
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	116	by auto
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	117
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	118	lemma Key_image_eq [simp]: "(Key x \<in> Key`A) = (x\<in>A)"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	119	by auto
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	120
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	121	lemma Nonce_Key_image_eq [simp]: "(Nonce x \<notin> Key`A)"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	122	by auto
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	123
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	124
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	125	subsubsection\<open>Inverse of keys\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	126
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	127	lemma invKey_eq [simp]: "(invKey K = invKey K') = (K=K')"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	128	apply safe
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	129	apply (drule_tac f = invKey in arg_cong, simp)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	130	done
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	131
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	132
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	133	subsection\<open>keysFor operator\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	134
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	135	lemma keysFor_empty [simp]: "keysFor {} = {}"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	136	by (unfold keysFor_def, blast)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	137
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	138	lemma keysFor_Un [simp]: "keysFor (H \<union> H') = keysFor H \<union> keysFor H'"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	139	by (unfold keysFor_def, blast)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	140
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	141	lemma keysFor_UN [simp]: "keysFor (\<Union>i\<in>A. H i) = (\<Union>i\<in>A. keysFor (H i))"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	142	by (unfold keysFor_def, blast)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	143
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	144	text\<open>Monotonicity\<close>
67613 ce654b0e6d69 more symbols; wenzelm parents: 67443 diff changeset	145	lemma keysFor_mono: "G \<subseteq> H \<Longrightarrow> keysFor(G) \<subseteq> keysFor(H)"
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	146	by (unfold keysFor_def, blast)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	147
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	148	lemma keysFor_insert_Agent [simp]: "keysFor (insert (Agent A) H) = keysFor H"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	149	by (unfold keysFor_def, auto)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	150
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	151	lemma keysFor_insert_Nonce [simp]: "keysFor (insert (Nonce N) H) = keysFor H"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	152	by (unfold keysFor_def, auto)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	153
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	154	lemma keysFor_insert_Key [simp]: "keysFor (insert (Key K) H) = keysFor H"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	155	by (unfold keysFor_def, auto)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	156
61992 6d02bb8b5fe1 more symbols; wenzelm parents: 59780 diff changeset	157	lemma keysFor_insert_MPair [simp]: "keysFor (insert \<lbrace>X,Y\<rbrace> H) = keysFor H"
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	158	by (unfold keysFor_def, auto)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	159
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	160	lemma keysFor_insert_Crypt [simp]:
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	161	"keysFor (insert (Crypt K X) H) = insert (invKey K) (keysFor H)"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	162	by (unfold keysFor_def, auto)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	163
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	164	lemma keysFor_image_Key [simp]: "keysFor (Key`E) = {}"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	165	by (unfold keysFor_def, auto)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	166
67613 ce654b0e6d69 more symbols; wenzelm parents: 67443 diff changeset	167	lemma Crypt_imp_invKey_keysFor: "Crypt K X \<in> H \<Longrightarrow> invKey K \<in> keysFor H"
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	168	by (unfold keysFor_def, blast)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	169
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	170
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	171	subsection\<open>Inductive relation "parts"\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	172
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	173	lemma MPair_parts:
61992 6d02bb8b5fe1 more symbols; wenzelm parents: 59780 diff changeset	174	"[\| \<lbrace>X,Y\<rbrace> \<in> parts H;
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	175	[\| X \<in> parts H; Y \<in> parts H \|] ==> P \|] ==> P"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	176	by (blast dest: parts.Fst parts.Snd)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	177
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	178	declare MPair_parts [elim!] parts.Body [dest!]
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	179	text\<open>NB These two rules are UNSAFE in the formal sense, as they discard the
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	180	compound message. They work well on THIS FILE.
69505 cc2d676d5395 isabelle update_cartouches -t; wenzelm parents: 68237 diff changeset	181	\<open>MPair_parts\<close> is left as SAFE because it speeds up proofs.
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	182	The Crypt rule is normally kept UNSAFE to avoid breaking up certificates.\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	183
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	184	lemma parts_increasing: "H \<subseteq> parts(H)"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	185	by blast
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	186
55142 378ae9e46175 prefer explicit 'for' context; wenzelm parents: 51717 diff changeset	187	lemmas parts_insertI = subset_insertI [THEN parts_mono, THEN subsetD]
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	188
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	189	lemma parts_empty [simp]: "parts{} = {}"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	190	apply safe
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	191	apply (erule parts.induct, blast+)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	192	done
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	193
67613 ce654b0e6d69 more symbols; wenzelm parents: 67443 diff changeset	194	lemma parts_emptyE [elim!]: "X\<in> parts{} \<Longrightarrow> P"
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	195	by simp
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	196
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	197	text\<open>WARNING: loops if H = {Y}, therefore must not be repeated!\<close>
67613 ce654b0e6d69 more symbols; wenzelm parents: 67443 diff changeset	198	lemma parts_singleton: "X\<in> parts H \<Longrightarrow> \<exists>Y\<in>H. X\<in> parts {Y}"
26807 4cd176ea28dc Replaced blast by fast in proof of parts_singleton, since blast looped berghofe parents: 25341 diff changeset	199	by (erule parts.induct, fast+)
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	200
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	201
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	202	subsubsection\<open>Unions\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	203
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	204	lemma parts_Un_subset1: "parts(G) \<union> parts(H) \<subseteq> parts(G \<union> H)"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	205	by (intro Un_least parts_mono Un_upper1 Un_upper2)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	206
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	207	lemma parts_Un_subset2: "parts(G \<union> H) \<subseteq> parts(G) \<union> parts(H)"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	208	apply (rule subsetI)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	209	apply (erule parts.induct, blast+)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	210	done
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	211
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	212	lemma parts_Un [simp]: "parts(G \<union> H) = parts(G) \<union> parts(H)"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	213	by (intro equalityI parts_Un_subset1 parts_Un_subset2)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	214
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	215	lemma parts_insert: "parts (insert X H) = parts {X} \<union> parts H"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	216	apply (subst insert_is_Un [of _ H])
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	217	apply (simp only: parts_Un)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	218	done
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	219
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	220	text\<open>TWO inserts to avoid looping. This rewrite is better than nothing.
23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	221	Not suitable for Addsimps: its behaviour can be strange.\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	222	lemma parts_insert2:
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	223	"parts (insert X (insert Y H)) = parts {X} \<union> parts {Y} \<union> parts H"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	224	apply (simp add: Un_assoc)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	225	apply (simp add: parts_insert [symmetric])
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	226	done
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	227
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	228	lemma parts_UN_subset1: "(\<Union>x\<in>A. parts(H x)) \<subseteq> parts(\<Union>x\<in>A. H x)"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	229	by (intro UN_least parts_mono UN_upper)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	230
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	231	lemma parts_UN_subset2: "parts(\<Union>x\<in>A. H x) \<subseteq> (\<Union>x\<in>A. parts(H x))"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	232	apply (rule subsetI)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	233	apply (erule parts.induct, blast+)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	234	done
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	235
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	236	lemma parts_UN [simp]: "parts(\<Union>x\<in>A. H x) = (\<Union>x\<in>A. parts(H x))"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	237	by (intro equalityI parts_UN_subset1 parts_UN_subset2)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	238
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	239	text\<open>Added to simplify arguments to parts, analz and synth.
23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	240	NOTE: the UN versions are no longer used!\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	241
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	242
69505 cc2d676d5395 isabelle update_cartouches -t; wenzelm parents: 68237 diff changeset	243	text\<open>This allows \<open>blast\<close> to simplify occurrences of
69597 ff784d5a5bfb isabelle update -u control_cartouches; wenzelm parents: 69505 diff changeset	244	\<^term>\<open>parts(G\<union>H)\<close> in the assumption.\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	245	lemmas in_parts_UnE = parts_Un [THEN equalityD1, THEN subsetD, THEN UnE]
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	246	declare in_parts_UnE [elim!]
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	247
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	248
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	249	lemma parts_insert_subset: "insert X (parts H) \<subseteq> parts(insert X H)"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	250	by (blast intro: parts_mono [THEN [2] rev_subsetD])
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	251
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	252	subsubsection\<open>Idempotence and transitivity\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	253
67613 ce654b0e6d69 more symbols; wenzelm parents: 67443 diff changeset	254	lemma parts_partsD [dest!]: "X \<in> parts (parts H) \<Longrightarrow> X\<in> parts H"
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	255	by (erule parts.induct, blast+)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	256
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	257	lemma parts_idem [simp]: "parts (parts H) = parts H"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	258	by blast
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	259
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	260	lemma parts_subset_iff [simp]: "(parts G \<subseteq> parts H) = (G \<subseteq> parts H)"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	261	apply (rule iffI)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	262	apply (iprover intro: subset_trans parts_increasing)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	263	apply (frule parts_mono, simp)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	264	done
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	265
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	266	lemma parts_trans: "[\| X\<in> parts G; G \<subseteq> parts H \|] ==> X\<in> parts H"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	267	by (drule parts_mono, blast)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	268
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	269	text\<open>Cut\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	270	lemma parts_cut:
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	271	"[\| Y\<in> parts (insert X G); X\<in> parts H \|] ==> Y\<in> parts (G \<union> H)"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	272	by (blast intro: parts_trans)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	273
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	274
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	275	lemma parts_cut_eq [simp]: "X\<in> parts H ==> parts (insert X H) = parts H"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	276	by (force dest!: parts_cut intro: parts_insertI)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	277
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	278
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	279	subsubsection\<open>Rewrite rules for pulling out atomic messages\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	280
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	281	lemmas parts_insert_eq_I = equalityI [OF subsetI parts_insert_subset]
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	282
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	283
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	284	lemma parts_insert_Agent [simp]:
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	285	"parts (insert (Agent agt) H) = insert (Agent agt) (parts H)"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	286	apply (rule parts_insert_eq_I)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	287	apply (erule parts.induct, auto)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	288	done
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	289
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	290	lemma parts_insert_Nonce [simp]:
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	291	"parts (insert (Nonce N) H) = insert (Nonce N) (parts H)"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	292	apply (rule parts_insert_eq_I)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	293	apply (erule parts.induct, auto)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	294	done
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	295
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	296	lemma parts_insert_Key [simp]:
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	297	"parts (insert (Key K) H) = insert (Key K) (parts H)"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	298	apply (rule parts_insert_eq_I)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	299	apply (erule parts.induct, auto)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	300	done
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	301
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	302	lemma parts_insert_Crypt [simp]:
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	303	"parts (insert (Crypt K X) H) = insert (Crypt K X) (parts (insert X H))"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	304	apply (rule equalityI)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	305	apply (rule subsetI)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	306	apply (erule parts.induct, auto)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	307	apply (blast intro: parts.Body)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	308	done
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	309
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	310	lemma parts_insert_MPair [simp]:
61992 6d02bb8b5fe1 more symbols; wenzelm parents: 59780 diff changeset	311	"parts (insert \<lbrace>X,Y\<rbrace> H) =
6d02bb8b5fe1 more symbols; wenzelm parents: 59780 diff changeset	312	insert \<lbrace>X,Y\<rbrace> (parts (insert X (insert Y H)))"
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	313	apply (rule equalityI)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	314	apply (rule subsetI)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	315	apply (erule parts.induct, auto)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	316	apply (blast intro: parts.Fst parts.Snd)+
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	317	done
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	318
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	319	lemma parts_image_Key [simp]: "parts (Key`N) = Key`N"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	320	apply auto
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	321	apply (erule parts.induct, auto)
11250 c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	322	done
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	323
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	324
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	325	text\<open>In any message, there is an upper bound N on its greatest nonce.\<close>
67613 ce654b0e6d69 more symbols; wenzelm parents: 67443 diff changeset	326	lemma msg_Nonce_supply: "\<exists>N. \<forall>n. N\<le>n \<longrightarrow> Nonce n \<notin> parts {msg}"
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	327	apply (induct_tac "msg")
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	328	apply (simp_all (no_asm_simp) add: exI parts_insert2)
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	329	txt\<open>MPair case: blast works out the necessary sum itself!\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	330	prefer 2 apply auto apply (blast elim!: add_leE)
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	331	txt\<open>Nonce case\<close>
58305 57752a91eec4 renamed 'datatype' to 'old_datatype'; 'datatype' is now alias for 'datatype_new' blanchet parents: 56059 diff changeset	332	apply (rename_tac nat)
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	333	apply (rule_tac x = "N + Suc nat" in exI, auto)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	334	done
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	335	(>)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	336
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	337	section\<open>Modelling the Adversary\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	338
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	339	text \<open>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	340	The spy is part of the system and must be built into the model. He is
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	341	a malicious user who does not have to follow the protocol. He
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	342	watches the network and uses any keys he knows to decrypt messages.
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	343	Thus he accumulates additional keys and nonces. These he can use to
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	344	compose new messages, which he may send to anybody.
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	345
69505 cc2d676d5395 isabelle update_cartouches -t; wenzelm parents: 68237 diff changeset	346	Two functions enable us to formalize this behaviour: \<open>analz\<close> and
cc2d676d5395 isabelle update_cartouches -t; wenzelm parents: 68237 diff changeset	347	\<open>synth\<close>. Each function maps a sets of messages to another set of
cc2d676d5395 isabelle update_cartouches -t; wenzelm parents: 68237 diff changeset	348	messages. The set \<open>analz H\<close> formalizes what the adversary can learn
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	349	from the set of messages~$H$. The closure properties of this set are
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	350	defined inductively.
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	351	\<close>
11250 c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	352
23733 3f8ad7418e55 Adapted to new inductive definition package. berghofe parents: 16417 diff changeset	353	inductive_set
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	354	analz :: "msg set \<Rightarrow> msg set"
23733 3f8ad7418e55 Adapted to new inductive definition package. berghofe parents: 16417 diff changeset	355	for H :: "msg set"
3f8ad7418e55 Adapted to new inductive definition package. berghofe parents: 16417 diff changeset	356	where
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	357	Inj [intro,simp] : "X \<in> H \<Longrightarrow> X \<in> analz H"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	358	\| Fst: "\<lbrace>X,Y\<rbrace> \<in> analz H \<Longrightarrow> X \<in> analz H"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	359	\| Snd: "\<lbrace>X,Y\<rbrace> \<in> analz H \<Longrightarrow> Y \<in> analz H"
23733 3f8ad7418e55 Adapted to new inductive definition package. berghofe parents: 16417 diff changeset	360	\| Decrypt [dest]:
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	361	"\<lbrakk>Crypt K X \<in> analz H; Key(invKey K) \<in> analz H\<rbrakk>
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	362	\<Longrightarrow> X \<in> analz H"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	363	(<)
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	364	text\<open>Monotonicity; Lemma 1 of Lowe's paper\<close>
67613 ce654b0e6d69 more symbols; wenzelm parents: 67443 diff changeset	365	lemma analz_mono: "G\<subseteq>H \<Longrightarrow> analz(G) \<subseteq> analz(H)"
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	366	apply auto
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	367	apply (erule analz.induct)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	368	apply (auto dest: analz.Fst analz.Snd)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	369	done
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	370
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	371	text\<open>Making it safe speeds up proofs\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	372	lemma MPair_analz [elim!]:
61992 6d02bb8b5fe1 more symbols; wenzelm parents: 59780 diff changeset	373	"[\| \<lbrace>X,Y\<rbrace> \<in> analz H;
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	374	[\| X \<in> analz H; Y \<in> analz H \|] ==> P
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	375	\|] ==> P"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	376	by (blast dest: analz.Fst analz.Snd)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	377
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	378	lemma analz_increasing: "H \<subseteq> analz(H)"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	379	by blast
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	380
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	381	lemma analz_subset_parts: "analz H \<subseteq> parts H"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	382	apply (rule subsetI)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	383	apply (erule analz.induct, blast+)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	384	done
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	385
55142 378ae9e46175 prefer explicit 'for' context; wenzelm parents: 51717 diff changeset	386	lemmas analz_into_parts = analz_subset_parts [THEN subsetD]
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	387
55142 378ae9e46175 prefer explicit 'for' context; wenzelm parents: 51717 diff changeset	388	lemmas not_parts_not_analz = analz_subset_parts [THEN contra_subsetD]
11250 c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	389
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	390
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	391	lemma parts_analz [simp]: "parts (analz H) = parts H"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	392	apply (rule equalityI)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	393	apply (rule analz_subset_parts [THEN parts_mono, THEN subset_trans], simp)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	394	apply (blast intro: analz_increasing [THEN parts_mono, THEN subsetD])
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	395	done
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	396
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	397	lemma analz_parts [simp]: "analz (parts H) = parts H"
11250 c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	398	apply auto
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	399	apply (erule analz.induct, auto)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	400	done
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	401
55142 378ae9e46175 prefer explicit 'for' context; wenzelm parents: 51717 diff changeset	402	lemmas analz_insertI = subset_insertI [THEN analz_mono, THEN [2] rev_subsetD]
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	403
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	404	subsubsection\<open>General equational properties\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	405
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	406	lemma analz_empty [simp]: "analz{} = {}"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	407	apply safe
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	408	apply (erule analz.induct, blast+)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	409	done
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	410
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	411	text\<open>Converse fails: we can analz more from the union than from the
23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	412	separate parts, as a key in one might decrypt a message in the other\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	413	lemma analz_Un: "analz(G) \<union> analz(H) \<subseteq> analz(G \<union> H)"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	414	by (intro Un_least analz_mono Un_upper1 Un_upper2)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	415
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	416	lemma analz_insert: "insert X (analz H) \<subseteq> analz(insert X H)"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	417	by (blast intro: analz_mono [THEN [2] rev_subsetD])
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	418
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	419	subsubsection\<open>Rewrite rules for pulling out atomic messages\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	420
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	421	lemmas analz_insert_eq_I = equalityI [OF subsetI analz_insert]
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	422
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	423	lemma analz_insert_Agent [simp]:
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	424	"analz (insert (Agent agt) H) = insert (Agent agt) (analz H)"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	425	apply (rule analz_insert_eq_I)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	426	apply (erule analz.induct, auto)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	427	done
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	428
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	429	lemma analz_insert_Nonce [simp]:
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	430	"analz (insert (Nonce N) H) = insert (Nonce N) (analz H)"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	431	apply (rule analz_insert_eq_I)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	432	apply (erule analz.induct, auto)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	433	done
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	434
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	435	text\<open>Can only pull out Keys if they are not needed to decrypt the rest\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	436	lemma analz_insert_Key [simp]:
67613 ce654b0e6d69 more symbols; wenzelm parents: 67443 diff changeset	437	"K \<notin> keysFor (analz H) \<Longrightarrow>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	438	analz (insert (Key K) H) = insert (Key K) (analz H)"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	439	apply (unfold keysFor_def)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	440	apply (rule analz_insert_eq_I)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	441	apply (erule analz.induct, auto)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	442	done
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	443
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	444	lemma analz_insert_MPair [simp]:
61992 6d02bb8b5fe1 more symbols; wenzelm parents: 59780 diff changeset	445	"analz (insert \<lbrace>X,Y\<rbrace> H) =
6d02bb8b5fe1 more symbols; wenzelm parents: 59780 diff changeset	446	insert \<lbrace>X,Y\<rbrace> (analz (insert X (insert Y H)))"
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	447	apply (rule equalityI)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	448	apply (rule subsetI)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	449	apply (erule analz.induct, auto)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	450	apply (erule analz.induct)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	451	apply (blast intro: analz.Fst analz.Snd)+
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	452	done
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	453
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	454	text\<open>Can pull out enCrypted message if the Key is not known\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	455	lemma analz_insert_Crypt:
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	456	"Key (invKey K) \<notin> analz H
67613 ce654b0e6d69 more symbols; wenzelm parents: 67443 diff changeset	457	\<Longrightarrow> analz (insert (Crypt K X) H) = insert (Crypt K X) (analz H)"
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	458	apply (rule analz_insert_eq_I)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	459	apply (erule analz.induct, auto)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	460
11250 c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	461	done
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	462
67613 ce654b0e6d69 more symbols; wenzelm parents: 67443 diff changeset	463	lemma lemma1: "Key (invKey K) \<in> analz H \<Longrightarrow>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	464	analz (insert (Crypt K X) H) \<subseteq>
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	465	insert (Crypt K X) (analz (insert X H))"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	466	apply (rule subsetI)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	467	apply (erule_tac x = x in analz.induct, auto)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	468	done
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	469
67613 ce654b0e6d69 more symbols; wenzelm parents: 67443 diff changeset	470	lemma lemma2: "Key (invKey K) \<in> analz H \<Longrightarrow>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	471	insert (Crypt K X) (analz (insert X H)) \<subseteq>
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	472	analz (insert (Crypt K X) H)"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	473	apply auto
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	474	apply (erule_tac x = x in analz.induct, auto)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	475	apply (blast intro: analz_insertI analz.Decrypt)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	476	done
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	477
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	478	lemma analz_insert_Decrypt:
67613 ce654b0e6d69 more symbols; wenzelm parents: 67443 diff changeset	479	"Key (invKey K) \<in> analz H \<Longrightarrow>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	480	analz (insert (Crypt K X) H) =
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	481	insert (Crypt K X) (analz (insert X H))"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	482	by (intro equalityI lemma1 lemma2)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	483
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	484	text\<open>Case analysis: either the message is secure, or it is not! Effective,
69505 cc2d676d5395 isabelle update_cartouches -t; wenzelm parents: 68237 diff changeset	485	but can cause subgoals to blow up! Use with \<open>if_split\<close>; apparently
69597 ff784d5a5bfb isabelle update -u control_cartouches; wenzelm parents: 69505 diff changeset	486	\<open>split_tac\<close> does not cope with patterns such as \<^term>\<open>analz (insert
ff784d5a5bfb isabelle update -u control_cartouches; wenzelm parents: 69505 diff changeset	487	(Crypt K X) H)\<close>\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	488	lemma analz_Crypt_if [simp]:
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	489	"analz (insert (Crypt K X) H) =
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	490	(if (Key (invKey K) \<in> analz H)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	491	then insert (Crypt K X) (analz (insert X H))
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	492	else insert (Crypt K X) (analz H))"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	493	by (simp add: analz_insert_Crypt analz_insert_Decrypt)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	494
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	495
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	496	text\<open>This rule supposes "for the sake of argument" that we have the key.\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	497	lemma analz_insert_Crypt_subset:
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	498	"analz (insert (Crypt K X) H) \<subseteq>
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	499	insert (Crypt K X) (analz (insert X H))"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	500	apply (rule subsetI)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	501	apply (erule analz.induct, auto)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	502	done
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	503
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	504
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	505	lemma analz_image_Key [simp]: "analz (Key`N) = Key`N"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	506	apply auto
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	507	apply (erule analz.induct, auto)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	508	done
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	509
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	510
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	511	subsubsection\<open>Idempotence and transitivity\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	512
67613 ce654b0e6d69 more symbols; wenzelm parents: 67443 diff changeset	513	lemma analz_analzD [dest!]: "X\<in> analz (analz H) \<Longrightarrow> X\<in> analz H"
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	514	by (erule analz.induct, blast+)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	515
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	516	lemma analz_idem [simp]: "analz (analz H) = analz H"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	517	by blast
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	518
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	519	lemma analz_subset_iff [simp]: "(analz G \<subseteq> analz H) = (G \<subseteq> analz H)"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	520	apply (rule iffI)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	521	apply (iprover intro: subset_trans analz_increasing)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	522	apply (frule analz_mono, simp)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	523	done
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	524
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	525	lemma analz_trans: "[\| X\<in> analz G; G \<subseteq> analz H \|] ==> X\<in> analz H"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	526	by (drule analz_mono, blast)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	527
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	528	text\<open>Cut; Lemma 2 of Lowe\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	529	lemma analz_cut: "[\| Y\<in> analz (insert X H); X\<in> analz H \|] ==> Y\<in> analz H"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	530	by (erule analz_trans, blast)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	531
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	532	(*Cut can be proved easily by induction on
67613 ce654b0e6d69 more symbols; wenzelm parents: 67443 diff changeset	533	"Y \<in> analz (insert X H) \<Longrightarrow> X \<in> analz H \<longrightarrow> Y \<in> analz H"
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	534	*)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	535
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	536	text\<open>This rewrite rule helps in the simplification of messages that involve
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	537	the forwarding of unknown components (X). Without it, removing occurrences
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	538	of X can be very complicated.\<close>
67613 ce654b0e6d69 more symbols; wenzelm parents: 67443 diff changeset	539	lemma analz_insert_eq: "X\<in> analz H \<Longrightarrow> analz (insert X H) = analz H"
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	540	by (blast intro: analz_cut analz_insertI)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	541
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	542
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	543	text\<open>A congruence rule for "analz"\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	544
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	545	lemma analz_subset_cong:
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	546	"[\| analz G \<subseteq> analz G'; analz H \<subseteq> analz H' \|]
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	547	==> analz (G \<union> H) \<subseteq> analz (G' \<union> H')"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	548	apply simp
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	549	apply (iprover intro: conjI subset_trans analz_mono Un_upper1 Un_upper2)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	550	done
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	551
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	552	lemma analz_cong:
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	553	"[\| analz G = analz G'; analz H = analz H' \|]
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	554	==> analz (G \<union> H) = analz (G' \<union> H')"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	555	by (intro equalityI analz_subset_cong, simp_all)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	556
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	557	lemma analz_insert_cong:
67613 ce654b0e6d69 more symbols; wenzelm parents: 67443 diff changeset	558	"analz H = analz H' \<Longrightarrow> analz(insert X H) = analz(insert X H')"
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	559	by (force simp only: insert_def intro!: analz_cong)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	560
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	561	text\<open>If there are no pairs or encryptions then analz does nothing\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	562	lemma analz_trivial:
61992 6d02bb8b5fe1 more symbols; wenzelm parents: 59780 diff changeset	563	"[\| \<forall>X Y. \<lbrace>X,Y\<rbrace> \<notin> H; \<forall>X K. Crypt K X \<notin> H \|] ==> analz H = H"
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	564	apply safe
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	565	apply (erule analz.induct, blast+)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	566	done
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	567
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	568	text\<open>These two are obsolete (with a single Spy) but cost little to prove...\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	569	lemma analz_UN_analz_lemma:
67613 ce654b0e6d69 more symbols; wenzelm parents: 67443 diff changeset	570	"X\<in> analz (\<Union>i\<in>A. analz (H i)) \<Longrightarrow> X\<in> analz (\<Union>i\<in>A. H i)"
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	571	apply (erule analz.induct)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	572	apply (blast intro: analz_mono [THEN [2] rev_subsetD])+
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	573	done
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	574
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	575	lemma analz_UN_analz [simp]: "analz (\<Union>i\<in>A. analz (H i)) = analz (\<Union>i\<in>A. H i)"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	576	by (blast intro: analz_UN_analz_lemma analz_mono [THEN [2] rev_subsetD])
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	577	(>)
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	578	text \<open>
69505 cc2d676d5395 isabelle update_cartouches -t; wenzelm parents: 68237 diff changeset	579	Note the \<open>Decrypt\<close> rule: the spy can decrypt a
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	580	message encrypted with key~$K$ if he has the matching key,~$K^{-1}$.
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	581	Properties proved by rule induction include the following:
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	582	@{named_thms [display,indent=0] analz_mono [no_vars] (analz_mono) analz_idem [no_vars] (analz_idem)}
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	583
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	584	The set of fake messages that an intruder could invent
69505 cc2d676d5395 isabelle update_cartouches -t; wenzelm parents: 68237 diff changeset	585	starting from~\<open>H\<close> is \<open>synth(analz H)\<close>, where \<open>synth H\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	586	formalizes what the adversary can build from the set of messages~$H$.
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	587	\<close>
11250 c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	588
23733 3f8ad7418e55 Adapted to new inductive definition package. berghofe parents: 16417 diff changeset	589	inductive_set
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	590	synth :: "msg set \<Rightarrow> msg set"
23733 3f8ad7418e55 Adapted to new inductive definition package. berghofe parents: 16417 diff changeset	591	for H :: "msg set"
3f8ad7418e55 Adapted to new inductive definition package. berghofe parents: 16417 diff changeset	592	where
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	593	Inj [intro]: "X \<in> H \<Longrightarrow> X \<in> synth H"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	594	\| Agent [intro]: "Agent agt \<in> synth H"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	595	\| MPair [intro]:
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	596	"\<lbrakk>X \<in> synth H; Y \<in> synth H\<rbrakk> \<Longrightarrow> \<lbrace>X,Y\<rbrace> \<in> synth H"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	597	\| Crypt [intro]:
23929 6a98d0826daf Tuned. berghofe parents: 23925 diff changeset	598	"\<lbrakk>X \<in> synth H; Key K \<in> H\<rbrakk> \<Longrightarrow> Crypt K X \<in> synth H"
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	599	(<)
67613 ce654b0e6d69 more symbols; wenzelm parents: 67443 diff changeset	600	lemma synth_mono: "G\<subseteq>H \<Longrightarrow> synth(G) \<subseteq> synth(H)"
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	601	by (auto, erule synth.induct, auto)
11250 c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	602
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	603	inductive_cases Key_synth [elim!]: "Key K \<in> synth H"
61992 6d02bb8b5fe1 more symbols; wenzelm parents: 59780 diff changeset	604	inductive_cases MPair_synth [elim!]: "\<lbrace>X,Y\<rbrace> \<in> synth H"
11250 c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	605	inductive_cases Crypt_synth [elim!]: "Crypt K X \<in> synth H"
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	606
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	607	lemma analz_synth_Un [simp]: "analz (synth G \<union> H) = analz (G \<union> H) \<union> synth G"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	608	apply (rule equalityI)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	609	apply (rule subsetI)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	610	apply (erule analz.induct)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	611	prefer 5 apply (blast intro: analz_mono [THEN [2] rev_subsetD])
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	612	apply (blast intro: analz.Fst analz.Snd analz.Decrypt)+
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	613	done
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	614
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	615	lemma analz_synth [simp]: "analz (synth H) = analz H \<union> synth H"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	616	apply (cut_tac H = "{}" in analz_synth_Un)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	617	apply (simp (no_asm_use))
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	618	done
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	619	(>)
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	620	text \<open>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	621	The set includes all agent names. Nonces and keys are assumed to be
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	622	unguessable, so none are included beyond those already in~$H$. Two
69597 ff784d5a5bfb isabelle update -u control_cartouches; wenzelm parents: 69505 diff changeset	623	elements of \<^term>\<open>synth H\<close> can be combined, and an element can be encrypted
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	624	using a key present in~$H$.
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	625
69505 cc2d676d5395 isabelle update_cartouches -t; wenzelm parents: 68237 diff changeset	626	Like \<open>analz\<close>, this set operator is monotone and idempotent. It also
cc2d676d5395 isabelle update_cartouches -t; wenzelm parents: 68237 diff changeset	627	satisfies an interesting equation involving \<open>analz\<close>:
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	628	@{named_thms [display,indent=0] analz_synth [no_vars] (analz_synth)}
69505 cc2d676d5395 isabelle update_cartouches -t; wenzelm parents: 68237 diff changeset	629	Rule inversion plays a major role in reasoning about \<open>synth\<close>, through
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	630	declarations such as this one:
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	631	\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	632
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	633	inductive_cases Nonce_synth [elim!]: "Nonce n \<in> synth H"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	634
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	635	text \<open>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	636	\noindent
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	637	The resulting elimination rule replaces every assumption of the form
69597 ff784d5a5bfb isabelle update -u control_cartouches; wenzelm parents: 69505 diff changeset	638	\<^term>\<open>Nonce n \<in> synth H\<close> by \<^term>\<open>Nonce n \<in> H\<close>,
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	639	expressing that a nonce cannot be guessed.
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	640
69505 cc2d676d5395 isabelle update_cartouches -t; wenzelm parents: 68237 diff changeset	641	A third operator, \<open>parts\<close>, is useful for stating correctness
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	642	properties. The set
69597 ff784d5a5bfb isabelle update -u control_cartouches; wenzelm parents: 69505 diff changeset	643	\<^term>\<open>parts H\<close> consists of the components of elements of~$H$. This set
69505 cc2d676d5395 isabelle update_cartouches -t; wenzelm parents: 68237 diff changeset	644	includes~\<open>H\<close> and is closed under the projections from a compound
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	645	message to its immediate parts.
69505 cc2d676d5395 isabelle update_cartouches -t; wenzelm parents: 68237 diff changeset	646	Its definition resembles that of \<open>analz\<close> except in the rule
cc2d676d5395 isabelle update_cartouches -t; wenzelm parents: 68237 diff changeset	647	corresponding to the constructor \<open>Crypt\<close>:
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	648	@{thm [display,indent=5] parts.Body [no_vars]}
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	649	The body of an encrypted message is always regarded as part of it. We can
69505 cc2d676d5395 isabelle update_cartouches -t; wenzelm parents: 68237 diff changeset	650	use \<open>parts\<close> to express general well-formedness properties of a protocol,
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	651	for example, that an uncompromised agent's private key will never be
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	652	included as a component of any message.
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	653	\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	654	(<)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	655	lemma synth_increasing: "H \<subseteq> synth(H)"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	656	by blast
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	657
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	658	subsubsection\<open>Unions\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	659
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	660	text\<open>Converse fails: we can synth more from the union than from the
23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	661	separate parts, building a compound message using elements of each.\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	662	lemma synth_Un: "synth(G) \<union> synth(H) \<subseteq> synth(G \<union> H)"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	663	by (intro Un_least synth_mono Un_upper1 Un_upper2)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	664
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	665	lemma synth_insert: "insert X (synth H) \<subseteq> synth(insert X H)"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	666	by (blast intro: synth_mono [THEN [2] rev_subsetD])
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	667
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	668	subsubsection\<open>Idempotence and transitivity\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	669
67613 ce654b0e6d69 more symbols; wenzelm parents: 67443 diff changeset	670	lemma synth_synthD [dest!]: "X\<in> synth (synth H) \<Longrightarrow> X\<in> synth H"
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	671	by (erule synth.induct, blast+)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	672
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	673	lemma synth_idem: "synth (synth H) = synth H"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	674	by blast
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	675
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	676	lemma synth_subset_iff [simp]: "(synth G \<subseteq> synth H) = (G \<subseteq> synth H)"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	677	apply (rule iffI)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	678	apply (iprover intro: subset_trans synth_increasing)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	679	apply (frule synth_mono, simp add: synth_idem)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	680	done
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	681
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	682	lemma synth_trans: "[\| X\<in> synth G; G \<subseteq> synth H \|] ==> X\<in> synth H"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	683	by (drule synth_mono, blast)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	684
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	685	text\<open>Cut; Lemma 2 of Lowe\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	686	lemma synth_cut: "[\| Y\<in> synth (insert X H); X\<in> synth H \|] ==> Y\<in> synth H"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	687	by (erule synth_trans, blast)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	688
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	689	lemma Agent_synth [simp]: "Agent A \<in> synth H"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	690	by blast
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	691
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	692	lemma Nonce_synth_eq [simp]: "(Nonce N \<in> synth H) = (Nonce N \<in> H)"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	693	by blast
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	694
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	695	lemma Key_synth_eq [simp]: "(Key K \<in> synth H) = (Key K \<in> H)"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	696	by blast
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	697
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	698	lemma Crypt_synth_eq [simp]:
67613 ce654b0e6d69 more symbols; wenzelm parents: 67443 diff changeset	699	"Key K \<notin> H \<Longrightarrow> (Crypt K X \<in> synth H) = (Crypt K X \<in> H)"
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	700	by blast
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	701
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	702
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	703	lemma keysFor_synth [simp]:
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	704	"keysFor (synth H) = keysFor H \<union> invKey`{K. Key K \<in> H}"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	705	by (unfold keysFor_def, blast)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	706
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	707
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	708	subsubsection\<open>Combinations of parts, analz and synth\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	709
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	710	lemma parts_synth [simp]: "parts (synth H) = parts H \<union> synth H"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	711	apply (rule equalityI)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	712	apply (rule subsetI)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	713	apply (erule parts.induct)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	714	apply (blast intro: synth_increasing [THEN parts_mono, THEN subsetD]
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	715	parts.Fst parts.Snd parts.Body)+
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	716	done
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	717
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	718	lemma analz_analz_Un [simp]: "analz (analz G \<union> H) = analz (G \<union> H)"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	719	apply (intro equalityI analz_subset_cong)+
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	720	apply simp_all
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	721	done
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	722
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	723
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	724	subsubsection\<open>For reasoning about the Fake rule in traces\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	725
67613 ce654b0e6d69 more symbols; wenzelm parents: 67443 diff changeset	726	lemma parts_insert_subset_Un: "X \<in> G \<Longrightarrow> parts(insert X H) \<subseteq> parts G \<union> parts H"
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	727	by (rule subset_trans [OF parts_mono parts_Un_subset2], blast)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	728
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	729	text\<open>More specifically for Fake. Very occasionally we could do with a version
69597 ff784d5a5bfb isabelle update -u control_cartouches; wenzelm parents: 69505 diff changeset	730	of the form \<^term>\<open>parts{X} \<subseteq> synth (analz H) \<union> parts H\<close>\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	731	lemma Fake_parts_insert:
67613 ce654b0e6d69 more symbols; wenzelm parents: 67443 diff changeset	732	"X \<in> synth (analz H) \<Longrightarrow>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	733	parts (insert X H) \<subseteq> synth (analz H) \<union> parts H"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	734	apply (drule parts_insert_subset_Un)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	735	apply (simp (no_asm_use))
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	736	apply blast
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	737	done
11250 c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	738
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	739	lemma Fake_parts_insert_in_Un:
67613 ce654b0e6d69 more symbols; wenzelm parents: 67443 diff changeset	740	"[\|Z \<in> parts (insert X H); X \<in> synth (analz H)\|]
58860 fee7cfa69c50 eliminated spurious semicolons; wenzelm parents: 58305 diff changeset	741	==> Z \<in> synth (analz H) \<union> parts H"
11250 c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	742	by (blast dest: Fake_parts_insert [THEN subsetD, dest])
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	743
69597 ff784d5a5bfb isabelle update -u control_cartouches; wenzelm parents: 69505 diff changeset	744	text\<open>\<^term>\<open>H\<close> is sometimes \<^term>\<open>Key ` KK \<union> spies evs\<close>, so can't put
ff784d5a5bfb isabelle update -u control_cartouches; wenzelm parents: 69505 diff changeset	745	\<^term>\<open>G=H\<close>.\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	746	lemma Fake_analz_insert:
67613 ce654b0e6d69 more symbols; wenzelm parents: 67443 diff changeset	747	"X \<in> synth (analz G) \<Longrightarrow>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	748	analz (insert X H) \<subseteq> synth (analz G) \<union> analz (G \<union> H)"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	749	apply (rule subsetI)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	750	apply (subgoal_tac "x \<in> analz (synth (analz G) \<union> H) ")
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	751	prefer 2 apply (blast intro: analz_mono [THEN [2] rev_subsetD] analz_mono [THEN synth_mono, THEN [2] rev_subsetD])
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	752	apply (simp (no_asm_use))
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	753	apply blast
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	754	done
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	755
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	756	lemma analz_conj_parts [simp]:
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	757	"(X \<in> analz H & X \<in> parts H) = (X \<in> analz H)"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	758	by (blast intro: analz_subset_parts [THEN subsetD])
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	759
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	760	lemma analz_disj_parts [simp]:
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	761	"(X \<in> analz H \| X \<in> parts H) = (X \<in> parts H)"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	762	by (blast intro: analz_subset_parts [THEN subsetD])
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	763
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	764	text\<open>Without this equation, other rules for synth and analz would yield
23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	765	redundant cases\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	766	lemma MPair_synth_analz [iff]:
61992 6d02bb8b5fe1 more symbols; wenzelm parents: 59780 diff changeset	767	"(\<lbrace>X,Y\<rbrace> \<in> synth (analz H)) =
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	768	(X \<in> synth (analz H) & Y \<in> synth (analz H))"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	769	by blast
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	770
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	771	lemma Crypt_synth_analz:
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	772	"[\| Key K \<in> analz H; Key (invKey K) \<in> analz H \|]
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	773	==> (Crypt K X \<in> synth (analz H)) = (X \<in> synth (analz H))"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	774	by blast
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	775
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	776
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	777	text\<open>We do NOT want Crypt... messages broken up in protocols!!\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	778	declare parts.Body [rule del]
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	779
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	780
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	781	text\<open>Rewrites to push in Key and Crypt messages, so that other messages can
69505 cc2d676d5395 isabelle update_cartouches -t; wenzelm parents: 68237 diff changeset	782	be pulled out using the \<open>analz_insert\<close> rules\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	783
55142 378ae9e46175 prefer explicit 'for' context; wenzelm parents: 51717 diff changeset	784	lemmas pushKeys =
27225 b316dde851f5 eliminated OldGoals.inst; wenzelm parents: 27154 diff changeset	785	insert_commute [of "Key K" "Agent C"]
b316dde851f5 eliminated OldGoals.inst; wenzelm parents: 27154 diff changeset	786	insert_commute [of "Key K" "Nonce N"]
b316dde851f5 eliminated OldGoals.inst; wenzelm parents: 27154 diff changeset	787	insert_commute [of "Key K" "MPair X Y"]
b316dde851f5 eliminated OldGoals.inst; wenzelm parents: 27154 diff changeset	788	insert_commute [of "Key K" "Crypt X K'"]
55142 378ae9e46175 prefer explicit 'for' context; wenzelm parents: 51717 diff changeset	789	for K C N X Y K'
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	790
55142 378ae9e46175 prefer explicit 'for' context; wenzelm parents: 51717 diff changeset	791	lemmas pushCrypts =
27225 b316dde851f5 eliminated OldGoals.inst; wenzelm parents: 27154 diff changeset	792	insert_commute [of "Crypt X K" "Agent C"]
b316dde851f5 eliminated OldGoals.inst; wenzelm parents: 27154 diff changeset	793	insert_commute [of "Crypt X K" "Agent C"]
b316dde851f5 eliminated OldGoals.inst; wenzelm parents: 27154 diff changeset	794	insert_commute [of "Crypt X K" "Nonce N"]
b316dde851f5 eliminated OldGoals.inst; wenzelm parents: 27154 diff changeset	795	insert_commute [of "Crypt X K" "MPair X' Y"]
55142 378ae9e46175 prefer explicit 'for' context; wenzelm parents: 51717 diff changeset	796	for X K C N X' Y
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	797
69505 cc2d676d5395 isabelle update_cartouches -t; wenzelm parents: 68237 diff changeset	798	text\<open>Cannot be added with \<open>[simp]\<close> -- messages should not always be
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	799	re-ordered.\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	800	lemmas pushes = pushKeys pushCrypts
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	801
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	802
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	803	subsection\<open>Tactics useful for many protocol proofs\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	804	ML
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	805	\<open>
39282 7c69964c6d74 proper antiquotations; wenzelm parents: 35416 diff changeset	806	val invKey = @{thm invKey};
7c69964c6d74 proper antiquotations; wenzelm parents: 35416 diff changeset	807	val keysFor_def = @{thm keysFor_def};
7c69964c6d74 proper antiquotations; wenzelm parents: 35416 diff changeset	808	val symKeys_def = @{thm symKeys_def};
7c69964c6d74 proper antiquotations; wenzelm parents: 35416 diff changeset	809	val parts_mono = @{thm parts_mono};
7c69964c6d74 proper antiquotations; wenzelm parents: 35416 diff changeset	810	val analz_mono = @{thm analz_mono};
7c69964c6d74 proper antiquotations; wenzelm parents: 35416 diff changeset	811	val synth_mono = @{thm synth_mono};
7c69964c6d74 proper antiquotations; wenzelm parents: 35416 diff changeset	812	val analz_increasing = @{thm analz_increasing};
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	813
39282 7c69964c6d74 proper antiquotations; wenzelm parents: 35416 diff changeset	814	val analz_insertI = @{thm analz_insertI};
7c69964c6d74 proper antiquotations; wenzelm parents: 35416 diff changeset	815	val analz_subset_parts = @{thm analz_subset_parts};
7c69964c6d74 proper antiquotations; wenzelm parents: 35416 diff changeset	816	val Fake_parts_insert = @{thm Fake_parts_insert};
7c69964c6d74 proper antiquotations; wenzelm parents: 35416 diff changeset	817	val Fake_analz_insert = @{thm Fake_analz_insert};
7c69964c6d74 proper antiquotations; wenzelm parents: 35416 diff changeset	818	val pushes = @{thms pushes};
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	819
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	820
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	821	(*Analysis of Fake cases. Also works for messages that forward unknown parts,
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	822	but this application is no longer necessary if analz_insert_eq is used.
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	823	Abstraction over i is ESSENTIAL: it delays the dereferencing of claset
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	824	DEPENDS UPON "X" REFERRING TO THE FRADULENT MESSAGE *)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	825
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	826	(*Apply rules to break down assumptions of the form
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	827	Y \<in> parts(insert X H) and Y \<in> analz(insert X H)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	828	*)
32265 fa8872f21ac3 reinserted legacy ML function haftmann parents: 32149 diff changeset	829	fun impOfSubs th = th RSN (2, @{thm rev_subsetD})
fa8872f21ac3 reinserted legacy ML function haftmann parents: 32149 diff changeset	830
59498 50b60f501b05 proper context for resolve_tac, eresolve_tac, dresolve_tac, forward_tac etc.; wenzelm parents: 58889 diff changeset	831	fun Fake_insert_tac ctxt =
50b60f501b05 proper context for resolve_tac, eresolve_tac, dresolve_tac, forward_tac etc.; wenzelm parents: 58889 diff changeset	832	dresolve_tac ctxt [impOfSubs Fake_analz_insert,
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	833	impOfSubs Fake_parts_insert] THEN'
59498 50b60f501b05 proper context for resolve_tac, eresolve_tac, dresolve_tac, forward_tac etc.; wenzelm parents: 58889 diff changeset	834	eresolve_tac ctxt [asm_rl, @{thm synth.Inj}];
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	835
51717 9e7d1c139569 simplifier uses proper Proof.context instead of historic type simpset; wenzelm parents: 49322 diff changeset	836	fun Fake_insert_simp_tac ctxt i =
59498 50b60f501b05 proper context for resolve_tac, eresolve_tac, dresolve_tac, forward_tac etc.; wenzelm parents: 58889 diff changeset	837	REPEAT (Fake_insert_tac ctxt i) THEN asm_full_simp_tac ctxt i;
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	838
42475 f830a72b27ed simplified/modernized method setup; wenzelm parents: 39282 diff changeset	839	fun atomic_spy_analz_tac ctxt =
42793 88bee9f6eec7 proper Proof.context for classical tactics; wenzelm parents: 42765 diff changeset	840	SELECT_GOAL
51717 9e7d1c139569 simplifier uses proper Proof.context instead of historic type simpset; wenzelm parents: 49322 diff changeset	841	(Fake_insert_simp_tac ctxt 1 THEN
42793 88bee9f6eec7 proper Proof.context for classical tactics; wenzelm parents: 42765 diff changeset	842	IF_UNSOLVED (Blast.depth_tac (ctxt addIs [analz_insertI, impOfSubs analz_subset_parts]) 4 1));
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	843
42475 f830a72b27ed simplified/modernized method setup; wenzelm parents: 39282 diff changeset	844	fun spy_analz_tac ctxt i =
42793 88bee9f6eec7 proper Proof.context for classical tactics; wenzelm parents: 42765 diff changeset	845	DETERM
88bee9f6eec7 proper Proof.context for classical tactics; wenzelm parents: 42765 diff changeset	846	(SELECT_GOAL
88bee9f6eec7 proper Proof.context for classical tactics; wenzelm parents: 42765 diff changeset	847	(EVERY
88bee9f6eec7 proper Proof.context for classical tactics; wenzelm parents: 42765 diff changeset	848	[ (push in occurrences of X...)
88bee9f6eec7 proper Proof.context for classical tactics; wenzelm parents: 42765 diff changeset	849	(REPEAT o CHANGED)
59780 23b67731f4f0 support 'for' fixes in rule_tac etc.; wenzelm parents: 59763 diff changeset	850	(Rule_Insts.res_inst_tac ctxt [((("x", 1), Position.none), "X")] []
23b67731f4f0 support 'for' fixes in rule_tac etc.; wenzelm parents: 59763 diff changeset	851	(insert_commute RS ssubst) 1),
42793 88bee9f6eec7 proper Proof.context for classical tactics; wenzelm parents: 42765 diff changeset	852	(...allowing further simplifications)
51717 9e7d1c139569 simplifier uses proper Proof.context instead of historic type simpset; wenzelm parents: 49322 diff changeset	853	simp_tac ctxt 1,
59498 50b60f501b05 proper context for resolve_tac, eresolve_tac, dresolve_tac, forward_tac etc.; wenzelm parents: 58889 diff changeset	854	REPEAT (FIRSTGOAL (resolve_tac ctxt [allI,impI,notI,conjI,iffI])),
42793 88bee9f6eec7 proper Proof.context for classical tactics; wenzelm parents: 42765 diff changeset	855	DEPTH_SOLVE (atomic_spy_analz_tac ctxt 1)]) i);
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	856	\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	857
69505 cc2d676d5395 isabelle update_cartouches -t; wenzelm parents: 68237 diff changeset	858	text\<open>By default only \<open>o_apply\<close> is built-in. But in the presence of
69597 ff784d5a5bfb isabelle update -u control_cartouches; wenzelm parents: 69505 diff changeset	859	eta-expansion this means that some terms displayed as \<^term>\<open>f o g\<close> will be
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	860	rewritten, and others will not!\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	861	declare o_def [simp]
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	862
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	863
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	864	lemma Crypt_notin_image_Key [simp]: "Crypt K X \<notin> Key ` A"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	865	by auto
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	866
67613 ce654b0e6d69 more symbols; wenzelm parents: 67443 diff changeset	867	lemma synth_analz_mono: "G\<subseteq>H \<Longrightarrow> synth (analz(G)) \<subseteq> synth (analz(H))"
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	868	by (iprover intro: synth_mono analz_mono)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	869
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	870	lemma Fake_analz_eq [simp]:
67613 ce654b0e6d69 more symbols; wenzelm parents: 67443 diff changeset	871	"X \<in> synth(analz H) \<Longrightarrow> synth (analz (insert X H)) = synth (analz H)"
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	872	apply (drule Fake_analz_insert[of _ _ "H"])
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	873	apply (simp add: synth_increasing[THEN Un_absorb2])
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	874	apply (drule synth_mono)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	875	apply (simp add: synth_idem)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	876	apply (rule equalityI)
58860 fee7cfa69c50 eliminated spurious semicolons; wenzelm parents: 58305 diff changeset	877	apply (simp add: )
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	878	apply (rule synth_analz_mono, blast)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	879	done
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	880
69505 cc2d676d5395 isabelle update_cartouches -t; wenzelm parents: 68237 diff changeset	881	text\<open>Two generalizations of \<open>analz_insert_eq\<close>\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	882	lemma gen_analz_insert_eq [rule_format]:
67613 ce654b0e6d69 more symbols; wenzelm parents: 67443 diff changeset	883	"X \<in> analz H \<Longrightarrow> \<forall>G. H \<subseteq> G \<longrightarrow> analz (insert X G) = analz G"
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	884	by (blast intro: analz_cut analz_insertI analz_mono [THEN [2] rev_subsetD])
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	885
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	886	lemma synth_analz_insert_eq [rule_format]:
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	887	"X \<in> synth (analz H)
67613 ce654b0e6d69 more symbols; wenzelm parents: 67443 diff changeset	888	\<Longrightarrow> \<forall>G. H \<subseteq> G \<longrightarrow> (Key K \<in> analz (insert X G)) = (Key K \<in> analz G)"
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	889	apply (erule synth.induct)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	890	apply (simp_all add: gen_analz_insert_eq subset_trans [OF _ subset_insertI])
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	891	done
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	892
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	893	lemma Fake_parts_sing:
67613 ce654b0e6d69 more symbols; wenzelm parents: 67443 diff changeset	894	"X \<in> synth (analz H) \<Longrightarrow> parts{X} \<subseteq> synth (analz H) \<union> parts H"
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	895	apply (rule subset_trans)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	896	apply (erule_tac [2] Fake_parts_insert)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	897	apply (rule parts_mono, blast)
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	898	done
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	899
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	900	lemmas Fake_parts_sing_imp_Un = Fake_parts_sing [THEN [2] rev_subsetD]
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	901
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	902	method_setup spy_analz = \<open>
23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	903	Scan.succeed (SIMPLE_METHOD' o spy_analz_tac)\<close>
11250 c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	904	"for proving the Fake case when analz is involved"
c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	905
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	906	method_setup atomic_spy_analz = \<open>
23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	907	Scan.succeed (SIMPLE_METHOD' o atomic_spy_analz_tac)\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	908	"for debugging spy_analz"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	909
67406 23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	910	method_setup Fake_insert_simp = \<open>
23307fd33906 isabelle update_cartouches -c; wenzelm parents: 62392 diff changeset	911	Scan.succeed (SIMPLE_METHOD' o Fake_insert_simp_tac)\<close>
23925 ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	912	"for debugging spy_analz"
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	913
ee98c2528a8f LaTeX code is now generated directly from theory files. berghofe parents: 23733 diff changeset	914
11250 c8bbf4c4bc2d symlinks to ../../../HOL/Auth. Fingers crossed... paulson parents: diff changeset	915	end
62392 747d36865c2c more canonical names nipkow parents: 61992 diff changeset	916	(>)

author	wenzelm
	Tue, 01 Oct 2024 20:39:16 +0200
changeset 81091	c007e6d9941d
parent 81019	dd59daa3c37a
child 81261	0c9075bdff38
permissions	-rw-r--r--